Lead Security Engineer
We’re looking for talented professionals, anywhere in the United States, to join us in bringing smart money management and payment solutions to everyone’s fingertips.
At Green Dot, we are evolving to a new and permanent “Work from Anywhere” model designed to maximize the benefits of remote work, promote and enable a strong culture of performance and connectedness, and attract the best and brightest talent who align with our entrepreneurial spirit and mission.
<<>><<>><<>><<>><<>><<>><<>><<>><<>><<>>
JOB DESCRIPTION
Lead Security Engineer
Is the primary tech lead for Green Dot’s security the development, evaluation and implementation of governance, risk and compliance and processes to mitigate cybersecurity risk and ensure protection of company and allied assets and information. Stays current on current and pending laws and regulations, industry standards and customer and vendor contracts to understand and communicate compliance requirements. Focus is data protection and compliance. Responsible for hardware, software and network firewalls and encryption protocols. Responsible for network security audits and testing and evaluates system security configurations to ensure efficacy and compliance with policies and procedures. May conduct penetration testing and vulnerability assessments of applications, operating systems and/or networks. May respond to cybersecurity breaches, identify intrusions and isolate, block and remove unauthorized access. May assist in the creation and implementation of security solutions.
Job Responsibilities
Build and operate Green Dot Cloud's security systems for automated detections and responses in Azure and AWS
Proactively identify risks and malicious activity in our cloud infrastructure and systems
Analyze systems, logs, events, and alerts for signs of malicious activity
Write custom detections rules and tools to monitor, analyze, and detect malicious activity
Build automation for response and remediation of malicious and anomalous activity
Develop and deploy new security practices, policies and tools to multiple environments.
Document new and/or update existing security procedures, architecture and knowledge base articles.
Drive implementation of countermeasures, mitigations, and containment
Collaborate with engineering, IT, and other security teams to develop scalable and flexible solutions for defending Green Dot’s Cloud from low-level actors to nation state actors.
Build, cultivate, and maintain positive relationships with internal customers to identify and facilitate solutions to increase the impact of the team's work
Provide feedback into Green Dot products, modules, and services to improve cybersecurity capabilities as an internal customer with real-world experiences.
Be on periodic on-call for triage of critical alerts from detections
Job Requirements
4+ years of experience with building and operating a SIEM (i.e. Splunk, Sentinel, etc.) or cloud-based security analytics for security data search and analysis operations.
4+ years of experience in cloud hosted environments (e.g. Azure, AWS)
4+ years of experience building security tools in using DevOps application development practices (e.g. Git, JIRA, Kanban) and deployment (e.g. Jenkins, GitHub Action Runners, CloudFormation, Terraform)
4+ years of experience threat hunting tactics and techniques in Linux, containers, and serverless systems to proactively identify known and unknown cyber threats, advisory behaviors, and anomalies
Solid understanding of modern attacker tactics, techniques, and procedures (TTPs) (e.g. MITRE ATT&CK, building threat intelligence, etc.)
Experience with building and operating a SIEM in cloud (i.e. Splunk, Sentinel, etc.) or cloud-based security analytics for cloud security data search and analysis operations.
Experience in securing cloud infrastructure (Azure,AWS) using native and 3rd party tools (e.g. Palo Alto Prisma, Azure Policy, Intune, Cloud Trail, AWS Config)
Experience with network firewall configuration (e.g. Cisco, Palo Alto, Azure FW)
Experience with web proxy solutions (e.g. Websense, Azure Global Connect)
Experience designing and building defense-in-depth security monitoring to aid in detection, triage, analysis, and response
Working with industry security and risks standards (e.g. FedRAMP Moderate, PCI DSS, SOC2, ISO 27001, CIS Benchmarks) for sensitive data protection
POSITION TYPE
Regular
PAY RANGE
The targeted base salary for this position is $120,700 to $180,900 per year. The final compensation will be determined by a number of factors such as qualifications, expertise, and the candidate’s geographical location.
<<>><<>><<>><<>><<>><<>><<>><<>><<>><<>>
Green Dot promotes diversity and provides equal opportunity for all applicants and employees. We are dedicated to building a company that represents a variety of backgrounds, perspectives, and skills. We believe that the more inclusive we are, the better our work (and work environment) will be for everyone. Additionally, Green Dot provides reasonable accommodations for candidates on request and respects applicants' privacy rights.
About the job
Apply for this position
Lead Security Engineer
We’re looking for talented professionals, anywhere in the United States, to join us in bringing smart money management and payment solutions to everyone’s fingertips.
At Green Dot, we are evolving to a new and permanent “Work from Anywhere” model designed to maximize the benefits of remote work, promote and enable a strong culture of performance and connectedness, and attract the best and brightest talent who align with our entrepreneurial spirit and mission.
<<>><<>><<>><<>><<>><<>><<>><<>><<>><<>>
JOB DESCRIPTION
Lead Security Engineer
Is the primary tech lead for Green Dot’s security the development, evaluation and implementation of governance, risk and compliance and processes to mitigate cybersecurity risk and ensure protection of company and allied assets and information. Stays current on current and pending laws and regulations, industry standards and customer and vendor contracts to understand and communicate compliance requirements. Focus is data protection and compliance. Responsible for hardware, software and network firewalls and encryption protocols. Responsible for network security audits and testing and evaluates system security configurations to ensure efficacy and compliance with policies and procedures. May conduct penetration testing and vulnerability assessments of applications, operating systems and/or networks. May respond to cybersecurity breaches, identify intrusions and isolate, block and remove unauthorized access. May assist in the creation and implementation of security solutions.
Job Responsibilities
Build and operate Green Dot Cloud's security systems for automated detections and responses in Azure and AWS
Proactively identify risks and malicious activity in our cloud infrastructure and systems
Analyze systems, logs, events, and alerts for signs of malicious activity
Write custom detections rules and tools to monitor, analyze, and detect malicious activity
Build automation for response and remediation of malicious and anomalous activity
Develop and deploy new security practices, policies and tools to multiple environments.
Document new and/or update existing security procedures, architecture and knowledge base articles.
Drive implementation of countermeasures, mitigations, and containment
Collaborate with engineering, IT, and other security teams to develop scalable and flexible solutions for defending Green Dot’s Cloud from low-level actors to nation state actors.
Build, cultivate, and maintain positive relationships with internal customers to identify and facilitate solutions to increase the impact of the team's work
Provide feedback into Green Dot products, modules, and services to improve cybersecurity capabilities as an internal customer with real-world experiences.
Be on periodic on-call for triage of critical alerts from detections
Job Requirements
4+ years of experience with building and operating a SIEM (i.e. Splunk, Sentinel, etc.) or cloud-based security analytics for security data search and analysis operations.
4+ years of experience in cloud hosted environments (e.g. Azure, AWS)
4+ years of experience building security tools in using DevOps application development practices (e.g. Git, JIRA, Kanban) and deployment (e.g. Jenkins, GitHub Action Runners, CloudFormation, Terraform)
4+ years of experience threat hunting tactics and techniques in Linux, containers, and serverless systems to proactively identify known and unknown cyber threats, advisory behaviors, and anomalies
Solid understanding of modern attacker tactics, techniques, and procedures (TTPs) (e.g. MITRE ATT&CK, building threat intelligence, etc.)
Experience with building and operating a SIEM in cloud (i.e. Splunk, Sentinel, etc.) or cloud-based security analytics for cloud security data search and analysis operations.
Experience in securing cloud infrastructure (Azure,AWS) using native and 3rd party tools (e.g. Palo Alto Prisma, Azure Policy, Intune, Cloud Trail, AWS Config)
Experience with network firewall configuration (e.g. Cisco, Palo Alto, Azure FW)
Experience with web proxy solutions (e.g. Websense, Azure Global Connect)
Experience designing and building defense-in-depth security monitoring to aid in detection, triage, analysis, and response
Working with industry security and risks standards (e.g. FedRAMP Moderate, PCI DSS, SOC2, ISO 27001, CIS Benchmarks) for sensitive data protection
POSITION TYPE
Regular
PAY RANGE
The targeted base salary for this position is $120,700 to $180,900 per year. The final compensation will be determined by a number of factors such as qualifications, expertise, and the candidate’s geographical location.
<<>><<>><<>><<>><<>><<>><<>><<>><<>><<>>
Green Dot promotes diversity and provides equal opportunity for all applicants and employees. We are dedicated to building a company that represents a variety of backgrounds, perspectives, and skills. We believe that the more inclusive we are, the better our work (and work environment) will be for everyone. Additionally, Green Dot provides reasonable accommodations for candidates on request and respects applicants' privacy rights.